CVE-2024-47217

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-47217

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47217.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-47217

Published

2025-04-03T21:15:38.983Z

Modified

2026-04-10T05:18:15.113734Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt.

References

https://support.snowplow.io/hc/en-us/articles/26318139354909-Update-Critical-Snowplow-Security-Updates-Impact-on-Open-Source-Software-Users

Affected packages

Git / github.com/snowplow/iglu-server

Affected ranges

Type

GIT

Repo

https://github.com/snowplow/iglu-server

Events

Introduced

Fixed

bf55b6a92533de636d2e57a52ffc1c68d863c4ae

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.13.1"
        }
    ]
}

Affected versions

0.*

0.10.0

0.10.0-rc1

0.10.0-rc2

0.10.1

0.10.1-rc1

0.10.1-rc3

0.11.0

0.12.0

0.12.1

0.13.0

0.2.0

0.3.0

0.4.0

0.5.0

0.6.0

0.6.1

0.6.2

0.7.0

0.8.0

0.8.1

0.8.1-rc1

0.8.2

0.8.2-rc2

0.8.3

0.8.4

0.8.4-rc1

0.8.5

0.8.6

0.8.7

0.9.0

0.9.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47217.json"